A mathematical framework for the analysis of cyber-resilient control systems

The increasingly recognized vulnerability of industrial control systems to cyber-attacks has inspired a considerable amount of research into techniques for cyber-resilient control systems. The majority of this effort involves the application of well known information security techniques to protect system networks. These techniques are primarily concerned with the prevention of unauthorized access and the protection of data integrity. While these efforts are important to protect the control systems that operate critical infrastructure, they are never perfectly effective thus motivating a need to develop control systems that will operate successfully during a cyber attack. Little research has focused on the design of control systems with closed-loop dynamics that are resilient to cyber-attack. An understanding of the types of modifications to the system and signals that could be employed by an attacker after they have gained access to the control system and the effects of these attacks on the behavior of the control systems can guide efforts to develop attack detection and mitigation strategies. To formulate this problem, consistent mathematical definitions of concepts within resilient control need to be established to enable a mathematical analysis of the vulnerabilities and resiliencies of a particular control system design methodology and architecture. In this paper, we propose rigorous definitions for state awareness, operational normalcy, and resiliency as they relate to realtime control systems. We will also discuss some mathematical consequences that arise from the proposed definitions. The goal is to begin to develop a mathematical framework and testable conditions for resiliency that can be used to build a sound theoretical foundation for resilient control research.